From the exam https://www.redhat.com/en/services/training/ex413-red-hat-certificate-expertise-server-hardening-exam

Identify Red Hat Common Vulnerabilities and Exposures (CVEs) and Red Hat Security Advisories (RHSAs) and selectively update systems based on this information

Verify package security and validity

Identify and employ standards-based practices for configuring file system security, create and use encrypted file systems, tune file system features, and use specific mount options to restrict access to file system volumes

Configure default permissions for users and use special file permissions, attributes, and access control lists (ACLs) to control access to files

Install and use intrusion detection capabilities in Red Hat Enterprise Linux to monitor critical system files